Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
File: b6add1ab-b1b1-4863-813c-c831ef37c38c.roa (raw, json)
Hash identifier: t2SLCD/kI3FtlKhn+PRjIsBvwF+GmeWO19Vx0kjcPN4=
Subject key identifier: 22:E9:DE:B8:31:39:69:08:28:66:A0:2D:E1:71:9F:D4:F3:74:2B:B7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5D8E7BE28D700A366EB6E34F438B08C1F318DF55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
Signing time: Wed 17 Apr 2024 00:00:00 +0000
ROA not before: Wed 17 Apr 2024 00:00:00 +0000
ROA not after: Wed 22 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Apr 2024 14:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:8e:7b:e2:8d:70:0a:36:6e:b6:e3:4f:43:8b:08:c1:f3:18:df:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 00:00:00 2024 GMT
Not After : May 22 23:59:59 2024 GMT
Subject: serialNumber=ce50baf2ce87f42b9988f2ac9ac457640505423b5594c381a73d2db8fa46d73c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:d1:08:bd:00:7b:04:d2:26:15:37:7e:30:
75:49:b8:54:56:40:5d:0c:77:04:e6:59:57:80:4b:
30:8b:7d:3f:76:52:6b:ee:4c:21:cd:44:42:4a:16:
55:e1:b8:a4:75:57:37:f5:c0:e0:d0:38:e1:0f:96:
61:8f:ac:55:ea:c2:98:63:c0:8a:e7:57:34:db:5b:
15:60:ad:0b:e2:82:31:67:ae:3d:06:c4:3d:53:e8:
44:ed:37:b1:f7:70:46:67:b9:d4:f2:3d:25:ae:d3:
13:97:a7:c8:18:4f:fb:ac:33:9a:95:49:61:00:6b:
6c:79:68:98:de:77:c9:85:8d:8f:09:dd:71:df:2f:
b4:f2:a2:e1:79:2b:37:40:55:85:32:64:4f:ca:9d:
d5:0a:24:3e:c2:d6:be:a4:11:be:fa:65:d2:ff:ce:
83:cc:3c:19:38:96:cb:9c:c2:99:3d:5e:a5:83:d8:
90:a3:c6:be:ee:69:c3:c0:e1:3a:9c:78:bb:8d:36:
31:c8:99:a8:e1:85:e3:76:1b:d3:7d:df:ae:9d:97:
45:12:9a:89:be:b0:d4:a4:ad:2c:63:34:9d:92:c7:
33:a2:73:49:54:f0:76:fc:aa:ca:02:3a:20:c3:6a:
75:a0:c3:d7:38:8d:72:9a:35:0d:a9:44:3b:5c:fc:
dd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E9:DE:B8:31:39:69:08:28:66:A0:2D:E1:71:9F:D4:F3:74:2B:B7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
4b:f8:af:72:7c:63:ab:2a:2b:ae:1c:06:cc:14:49:b0:98:1c:
d7:ed:fb:dd:9d:7e:e4:d3:2c:d8:0c:80:38:c3:7c:83:7d:3a:
38:fe:63:d6:d2:0d:b4:b3:12:a8:25:bd:d0:0e:ed:80:99:04:
65:4c:d8:99:f5:88:05:12:16:d0:c9:25:06:71:de:8b:32:4f:
f4:08:9f:6a:50:00:4a:87:61:c7:af:8b:ab:4e:fe:45:bd:7c:
84:92:5d:77:48:98:f9:cb:94:a3:2d:e3:1a:6a:a6:45:a3:80:
56:eb:42:d2:f8:9b:fd:b2:33:fd:0c:42:61:5d:13:af:39:99:
b0:e1:ec:d4:33:e6:db:9e:dc:e5:9a:67:15:73:e3:61:f2:df:
fc:7b:2b:88:63:a8:c4:77:ca:72:1f:6d:fe:d8:50:76:4e:b8:
2a:21:42:03:fc:35:72:cd:14:df:9b:4a:32:61:f7:e0:ae:bc:
1d:eb:56:bb:b3:44:4c:eb:0a:6a:21:9a:b3:0b:1c:03:e6:43:
25:cc:f9:62:df:99:b0:ce:29:ad:96:f6:bc:29:3b:41:5e:5c:
8e:e4:15:69:9f:27:41:a8:25:91:fb:79:85:11:28:bd:57:58:
18:4f:93:fe:bf:99:4a:61:9f:68:a4:19:02:77:6a:66:ae:78:
85:2a:b7:a2
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXY574o1wCjZutuNPQ4sIwfMY31UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MTcwMDAwMDBaFw0yNDA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNTBiYWYyY2U4N2Y0MmI5OTg4ZjJhYzlhYzQ1NzY0MDUwNTQyM2I1NTk0
YzM4MWE3M2QyZGI4ZmE0NmQ3M2MxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhi0Qi9AHsE0iYVN34wdUm4VFZAXQx3BOZZV4BLMIt9P3ZSa+5MIc1EQkoW
VeG4pHVXN/XA4NA44Q+WYY+sVerCmGPAiudXNNtbFWCtC+KCMWeuPQbEPVPoRO03
sfdwRme51PI9Ja7TE5enyBhP+6wzmpVJYQBrbHlomN53yYWNjwndcd8vtPKi4Xkr
N0BVhTJkT8qd1QokPsLWvqQRvvpl0v/Og8w8GTiWy5zCmT1epYPYkKPGvu5pw8Dh
Opx4u402MciZqOGF43Yb033frp2XRRKaib6w1KStLGM0nZLHM6JzSVTwdvyqygI6
IMNqdaDD1ziNcpo1DalEO1z83UsCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQi6d64
MTlpCChmoC3hcZ/U83QrtzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZhZGQxYWItYjFiMS00ODYzLTgxM2MtYzgzMWVmMzdjMzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBAEv4r3J8Y6sqK64cBswUSbCYHNft+92dfuTTLNgM
gDjDfIN9Ojj+Y9bSDbSzEqglvdAO7YCZBGVM2Jn1iAUSFtDJJQZx3osyT/QIn2pQ
AEqHYcevi6tO/kW9fISSXXdImPnLlKMt4xpqpkWjgFbrQtL4m/2yM/0MQmFdE685
mbDh7NQz5tue3OWaZxVz42Hy3/x7K4hjqMR3ynIfbf7YUHZOuCohQgP8NXLNFN+b
SjJh9+CuvB3rVruzREzrCmohmrMLHAPmQyXM+WLfmbDOKa2W9rwpO0FeXI7kFWmf
J0GoJZH7eYURKL1XWBhPk/6/mUphn2ikGQJ3amaueIUqt6I=
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:35:32 2024 by rpki-client on console-fra.rpki-client.org